Hi,
I realized that I missed the reply all last time.
There is one thing to add.
I did more research on the ssh passphrase topic, and I found it doable.
Adding more security is always a good thing, so I will follow the
suggestion.
I will post a new webrev when it is done.
Kind Regards
Detlef
Detlef Ulherr wrote:
> Hi Tim,
>
> See the responses inline.
>
> Detlef
>
> Tim Read - Staff Engineer Solaris Availability Engineering wrote:
>
>> Detlef,
>>
>> Just a few comments:
>>
>> functions.ksh
>> L1243 - isn't a 1 second time out on ping a little too aggressive? On
>> a busy network or over a WAN it might sometimes take a couple of
>> second. Are you really gaining anything by not setting this to, say, 5
>> seconds?
>>
>>
> Agreed you are right, in case of a spec based campus cluster it is too
> aggressive, I will change that.
>
>> L1253/1259 - how does ssh get the user password? Having passwordless
>> login is probably not a good idea.
>>
> The problem here is that the postgres server has an archive command.
> This archive command is executed by the PostgreSQL server. This archive
> command needs a passwordless login, I will investigate, if I can
> associate an ssh-agent with the PostgeSQL server in a way, that the
> archive command succeeds.
>
> If it can be done, I will fix it in the resilver scripts as well. If it
> can not be done here is no need to change the algorithm here.
>
>> L1336 - I see what the code is doing but not why. It looks very odd.
>>
> This pkill is to speed up the transition into the start_failed status, I
> will add a better comment.
>
>> functions_static.ksh
>> L157 - you use grep directly rather than your normal ${GREP}, etc
>> approach.
>> L157 - could have undesirable consequences if you had a cluster with
>> nodes: node1 and node11 that were in the nodelist of RG rgA, since the
>> command would end up with two lines rather than one.
>>
>>
> You are right, I will fix both.
>
>> rolechg/functions.ksh
>> L62 - again departs from ${COMMAND} approach with /usr/bin/grep, etc.
>> L330/4 - ditto (and other places)
>>
> I will fix it.
>
>> resilver-step1
>> L189 - same comment about ssh passwords (and throughout all files)
>>
> See the earlier comment.
>
>>
>> Tim
>> ---
>>
>> Detlef Ulherr wrote:
>>
>>> Hi,
>>>
>>> I recently posted the webrev for the WAL file shipping integration. In
>>> addition to this task I fixed the following bugs:
>>>
>>> * 6637843 Registration of the postgres agent fails if the nodelist
>>> has two or more zone on the registering node
>>> * 6608184 smf manifest should not depend on network/physical
>>>
>>>
>>>
>>> The webrev is available under:
>>> http://cr.opensolaris.org/~ulherr/pgshotstandby/
>>>
>>> Any comments are highly appreciated.
>>>
>>> Kind Regards
>>> Detlef
>>>
>>>
>
>
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NOTICE: This email message is for the sole use of the intended
recipient(s) and may contain confidential and privileged
information. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply email and destroy
all copies of the original message.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
*****************************************************************************
Detlef Ulherr
Staff Engineer Tel: (++49 6103) 752-248
Availability Engineering Fax: (++49 6103) 752-167
Sun Microsystems GmbH
Amperestra?e 6 mailto:detlef.ulherr at sun.com
63225 Langen http://www.sun.de/
*****************************************************************************
Sitz der Gesellschaft: Sun Microsystems GmbH, Sonnenallee 1, D-85551
Kirchheim-Heimstetten
Amtsgericht Muenchen: HRB 161028
Geschaeftsfuehrer: Thomas Schroeder, Wolfgang Engels, Dr. Roland Boemer
Vorsitzender des Aufsichtsrates: Martin Haering
*****************************************************************************
